package Merlion.userManagement.bean;

import Merlion.userManagement.entity.SystemUserEntity;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import Merlion.util.helper.PasswordHash;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;

@Stateless
public class ResetPasswordBean implements ResetPasswordBeanRemote {

    @PersistenceContext
    private EntityManager em;

    public String getSecurityQuestion(String email) {
        System.out.println("**ResetPasswordBean: getSecurityQuestion()");
        SystemUserEntity systemUser = em.find(SystemUserEntity.class, email);

        try {
            if (systemUser == null) {
                System.out.println("**ResetPasswordBean: Email cannot be found.");
                return "null";
            } else {
                System.out.println("**ResetPasswordBean: Security Question is taken from database.");
                String securityQuestion = systemUser.getSecurityQuestion();
                return securityQuestion;
            }
        } catch (Exception ex) {
            ex.printStackTrace();
            return "null";
        }
    }

    public String getSecurityAnswer(String email) {
        System.out.println("**ResetPasswordBean: getSecurityAnswer()");
        SystemUserEntity systemUser = em.find(SystemUserEntity.class, email);

        try {
            if (systemUser == null) {
                System.out.println("**ResetPasswordBean: Email cannot be found.");
                return "null";
            } else {
                System.out.println("**ResetPasswordBean: Security Answer is taken from database.");
                String securityAnswer = systemUser.getSecurityAnswer();
                return securityAnswer;
            }
        } catch (Exception ex) {
            ex.printStackTrace();
            return "null";
        }
    }

    public String getPassword(String email) {
        System.out.println("**ResetPasswordBean: getPassword()");
        SystemUserEntity systemUser = em.find(SystemUserEntity.class, email);

        try {
            if (systemUser == null) {
                System.out.println("**ResetPasswordBean: Email cannot be found.");
                return "null";
            } else {
                System.out.println("**ResetPasswordBean: Password is taken from database.");
                String pw = systemUser.getPassword();
                return pw;
            }
        } catch (Exception ex) {
            ex.printStackTrace();
            return "null";
        }
    }

    public boolean updatePassword(String email, String password, String securityAnswer) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        System.out.println("**ResetPasswordBean: updatePassword()");
        SystemUserEntity systemUser = em.find(SystemUserEntity.class, email);
        String md5password = PasswordHash.MD5(password + email);

        try {
            if (securityAnswer.equalsIgnoreCase(systemUser.getSecurityAnswer())) {
                systemUser.setPassword(md5password);
                em.merge(systemUser);
                em.flush();
                System.out.println("**ResetPasswordBean: Password successfully updated.");
                return true;
            } else {
                System.out.println("**ResetPasswordBean: Security Answer does not match. Update password failed.");
                return false;
            }
        } catch (Exception ex) {
            ex.printStackTrace();
            return false;
        }
    }

    public boolean changeSecurityQuestion(String email, String securityQuestion, String securityAnswer) {
        System.out.println("**ResetPasswordBean: changeSecurityQuestion()");
        SystemUserEntity systemUser = em.find(SystemUserEntity.class, email);

        try {
            if (systemUser != null) {
                systemUser.setSecurityQuestion(securityQuestion);
                systemUser.setSecurityAnswer(securityAnswer);
                em.merge(systemUser);
                em.flush();
                System.out.println("**ResetPasswordBean: Security question is successfully changed.");
                return true;
            } else {
                System.out.println("**ResetPasswordBean: User does not exist. Authentication failed.");
                return false;
            }
        } catch (Exception ex) {
            ex.printStackTrace();
            return false;
        }
    }
}
